In Part 1 we’ve established the basic terminology when discussing the use of documents in Resco Mobile CRM and described how they’re presented in the apps user interface. In this post we’ll take a closer look at document filtering, viewing, editing, storage and safety.

3. Document filtering

The documents are primarily downloaded during the synchronization. Because the external storage (e.g. the SharePoint server) may contain Terabytes of data, Woodford admin has the possibility to define document filters.

If there are multiple EntityAttachmentsFilter nodes that apply to given attachment, then all of them must be fulfilled.

MaxAttachmentSize defines the size limit applicable to all attachments. (Same effect as MaxFileSize in the Setup form.)

NotSyncingAttachmentsFor is used to specify entity types for which no attachments are downloaded.

Account annotations are limited to 150K, however there is a stricter limit for *.jpg files (50K) and *.doc files (100K).

All annotations (except account annotations) are limited to 300K.

ActivityMimeAttachment’s use custom size limit.

Notes:

Files that do not pass filter conditions are not downloaded. However, these files are listed on the screen and can be downloaded on demand.

Size “-1” means unlimited. Size “0” means nothing allowed.

AttachmentsFilter Quota values are ignored at the time of writing. (MCRM 10.1.0.2)

If you do not have any explicit BlobStoreFilter, MCRM will use an implicit filter that specifies a quota of 4GB and MaxFileSize as defined in the Setup form

The document filter is the most frequent reason that causes not-downloaded documents. Other common errors are various download failures, such as web communication errors.

Creating the document filter in Woodford

At present Woodford does not offer a dedicated UI for adding a blob store filter. Hence, the system admin has to do it manually:

Create BlobStoreFilter.xml file. Double check that it is a well formed xml file (open it in the web browser, for example)

Use Woodford to export the project

Rename the exported *.Woodford file to a *.zip. (i.e. change its file suffix)

Open the zip file

Add BlobStoreFilter.xml to the opened zip file into the folder Configuration

Save the zip file, rename it back to *.Woodford

Import the project back into Woodford

Publish the updated project so that the changes can be distributed to all mobile users

4. Document viewing/editing details

There are numerous document types: images, Office documents, plain text files, PDF files… or even proprietary formats. However, the question is: Which of these file types can be viewed by MCRM?

The general answer is – it depends on your device: Some file types can be opened directly in MCRM. For the remaining documents, MCRM asks the OS to open the file. The result depends on whether the device has a suitable viewer/editor installed. Hence the general rule is – if you are able to open certain file type on your device, you will be able to do so also from MCRM.

Document editing is supported partially – on Android and Windows Desktop platforms. iOS and Windows Store versions do not support document editing.

*) In-app preview is usually realized in web control.

5. Document storage and Safety

Documents are usually stored in the blob storage.*

Documents at rest are as safe as any other MCRM data – entity records, attachments etc. More precisely, they are stored encrypted and can only be opened by MCRM. The Woodford admin has enough tools to warrant MCRM data safety and this warranty extends also to document files downloaded to your mobile device.

Documents at transit refers to the document download/upload. Document safety in this case depends on the communication protocols offered by the server. All file hosting services use https protocol and SharePoint is normally configured this way too. It means documents at transit are safe.

Finally, the data in use. This refers to the question of how safe is the data when being previewed/edited. This is a grey area because a situation that an unencrypted document is used beyond MCRM control may occur. Plus, we also have to differentiate between platforms…

General schema looks like this:

A document is decrypted to a temp file.

The temp file is passed to the viewer/editor.

If the edit action has finished and the file was modified, it is encrypted and saved back into the original store.

Sometimes later the temp file is cleaned. (At the time of writing the temp files are latest cleaned at next MCRM startup.)

Platform differences:

iOS: MCRM runs in a sandbox, hence all its data (incl. temp files) are inaccessible to the outside world. Document passed to external viewer lives in the sandbox of that viewer. Hence data in use is considered as safe as is the iOS sandbox itself and the external viewers you use. Note that data at rest is more secure as it benefits both from sandbox security and added MCRM security (encryption, remote device control etc.).

Android: MCRM also runs in a sandbox and similar security conclusions as for iOS apply – with one exception, however: Documents passed to external viewer live as temporary unencrypted files. Hence using external viewers can be considered a security risk.

Windows desktop: No sandbox is used by the platform, hence only MCRM security features apply. Temp files containing unencrypted source documents (even those passed to the in-app viewer) are not secured in any way.

*) Notes can be optionally stored in the main application database, if the Woodford admin decides so. However, this is rarely a good idea – mainly because of decreased database performance.

Coming up next week, we will examine the details of how Resco Mobile CRM works with file hosting services, especially SharePoint which is commonly integrated with Dynamics 365/CRM.